Behavioral task
behavioral1
Sample
7588670d2d29a91f6635f6fd35359ade.exe
Resource
win7-20231215-en
General
-
Target
7588670d2d29a91f6635f6fd35359ade
-
Size
348KB
-
MD5
7588670d2d29a91f6635f6fd35359ade
-
SHA1
c4ee68ade0066d0ae826332e5e07aa4d8da78d89
-
SHA256
d27a1ad060cbbef1436f359248c374728be9212c34444c1fb49f1f0dd24d1424
-
SHA512
6df7e12d4469de15db2693b769929d384f745cca5cc2e0f831bf0b64c3522c7ea7705a4acf0147ae10792858f63e333e51b11b1205c94103254e63b5b73e3a40
-
SSDEEP
6144:t/s2NKG8uszQAzrUnYkxerhazPI91C9ODyWId98HhqbxtHGZyIcxDUi:VqJusyn3oUzgRy9zo0T
Malware Config
Signatures
-
Cybergate family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7588670d2d29a91f6635f6fd35359ade
Files
-
7588670d2d29a91f6635f6fd35359ade.exe windows:0 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
drws1 Size: 336KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
drws2 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE